squid cache squid
150 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-33526
< 7.5
Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service w
7.5
HIGH
CVE-2026-33515
< 7.5
Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds
6.5
MEDIUM
CVE-2026-32748
< 7.5
Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap
7.5
HIGH
CVE-2025-62168
< 7.2
Squid is a caching proxy for the Web. In Squid versions prior to 7.2, a failure to redact HTTP authentication credentials in error
10.0
CRITICAL
CVE-2025-59362
<= 7.1
Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.
4.0
MEDIUM
CVE-2025-54574
< 6.4
Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote
9.3
CRITICAL
CVE-2024-45802
>= 3.0 and < 6.10
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Releas
7.5
HIGH
CVE-2024-37894
>= 3.0 and < 6.10
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI
6.3
MEDIUM
CVE-2024-25111
>= 3.5.27 and < 6.8
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service at
8.6
HIGH
CVE-2024-25617
>= 3.0 and < 6.5
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Collapse of Data into Unsafe Val
5.3
MEDIUM
CVE-2024-23638
>= 5.0 and <= 5.9
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denia
6.5
MEDIUM
CVE-2023-50269
>= 3.1 and <= 5.9
Squid is a caching proxy for the Web. Due to an Uncontrolled Recursion bug in versions 2.6 through 2.7.STABLE9, versions 3.1 throu
8.6
HIGH
CVE-2023-49288
>= 3.5 and <= 5.9
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Affected versions of squid are subject to a Use-Afte
8.6
HIGH
CVE-2023-49286
<= 6.4
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Incorrect Check of Function Return Value bug
8.6
HIGH
CVE-2023-49285
<= 6.4
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a
8.6
HIGH
CVE-2023-46728
< 6.0.1
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnera
7.5
HIGH
CVE-2023-5824
< 6.4
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid m
7.5
HIGH
CVE-2023-46848
>= 5.0.3 and < 6.4
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages
8.6
HIGH
CVE-2023-46847
>= 3.2.0.1 and < 6.4
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of a
8.6
HIGH
CVE-2023-46846
>= 2.6 and < 6.4
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Res
9.3
CRITICAL
CVE-2023-46724
>= 3.3.0.1 and < 6.4
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and
8.6
HIGH
CVE-2022-41318
>= 2.5 and < 5.7
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI
8.6
HIGH
CVE-2022-41317
>= 4.9 and <= 4.17
An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can
6.5
MEDIUM
CVE-2021-46784
>= 3.0 and <= 3.5.28
In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due to improper buffer management, a Denial of Service can occu
6.5
MEDIUM
CVE-2021-41611
>= 5.0.6 and < 5.2
An issue was discovered in Squid 5.0.6 through 5.1.x before 5.2. When validating an origin server or peer certificate, Squid may i
7.5
HIGH
CVE-2021-31807
>= 3.0 and < 4.15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An integer overflow problem allows a remote server to achieve D
6.5
MEDIUM
CVE-2021-33620
< 4.15
Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients)
6.5
MEDIUM
CVE-2021-31808
< 4.15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of
6.5
MEDIUM
CVE-2021-31806
< 4.15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of
6.5
MEDIUM
CVE-2021-28662
>= 4.0.1 and < 4.15
An issue was discovered in Squid 4.x before 4.15 and 5.x before 5.0.6. If a remote server sends a certain response header over HTT
6.5
MEDIUM
CVE-2021-28652
>= 1.0 and < 4.15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to incorrect parser validation, it allows a Denial of Servi
4.9
MEDIUM
CVE-2021-28651
>= 2.0 and < 4.15
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service.
7.5
HIGH
CVE-2020-25097
>= 2.0 and < 4.14
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client
8.6
HIGH
CVE-2021-28116
<= 4.14
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read i
3.7
LOW
CVE-2020-15811
< 4.13
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attack
6.5
MEDIUM
CVE-2020-15810
< 4.13
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attack
6.5
MEDIUM
CVE-2020-24606
>= 3.0 and < 4.13
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles du
8.6
HIGH
CVE-2020-14059
>= 5.0 and < 5.0.3
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when process
6.5
MEDIUM
CVE-2020-14058
>= 3.1 and <= 3.5.28
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the d
7.5
HIGH
CVE-2020-15049
>= 2.0 and <= 2.6
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poi
9.9
CRITICAL
CVE-2020-11945
>= 3.0 and <= 3.5.28
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access t
9.8
CRITICAL
CVE-2019-12520
<= 4.7
An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a r
7.5
HIGH
CVE-2019-12519
>= 3.0 and <= 3.5.28
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evalu
9.8
CRITICAL
CVE-2019-12524
<= 4.7
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request shou
9.8
CRITICAL
CVE-2019-12522
<= 4.7
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by defaul
4.5
MEDIUM
CVE-2019-12521
>= 3.0 and <= 3.5.28
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext conta
5.9
MEDIUM
CVE-2019-18860
< 4.9
Squid before 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
6.1
MEDIUM
CVE-2019-12528
< 4.10
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from h
7.5
HIGH
CVE-2020-8517
< 4.10
An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext
7.5
HIGH
CVE-2020-8450
< 4.10
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a
7.3
HIGH
CVE-2020-8449
< 4.10
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpec
7.5
HIGH
CVE-2019-18679
>= 2.0 and <= 2.7
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information
7.5
HIGH
CVE-2019-18678
>= 3.0 and <= 3.5.28
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software t
5.3
MEDIUM
CVE-2019-18677
>= 2.0 and <= 2.7
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters d
6.1
MEDIUM
CVE-2019-18676
>= 3.0 and <= 3.5.28
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow
7.5
HIGH
CVE-2019-12526
>= 3.0 and <= 3.5.28
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiv
9.8
CRITICAL
CVE-2019-12523
>= 3.0 and <= 3.5.28
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request
9.1
CRITICAL
CVE-2019-12854
>= 4.0 and <= 4.7
Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. On systems with memory acce
7.5
HIGH
CVE-2019-12529
>= 2.0 and < 2.7
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use
5.9
MEDIUM
CVE-2019-12527
>= 4.0.23 and <= 4.7
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a glo
8.8
HIGH
CVE-2019-12525
>= 3.3.9 and <= 3.5.28
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication,
9.8
CRITICAL
CVE-2019-13345
<= 4.7
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
6.1
MEDIUM
CVE-2018-19132
< 4.4
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
5.9
MEDIUM
CVE-2018-19131
< 4.4
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
6.1
MEDIUM
CVE-2018-1172
all versions
This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.
5.9
MEDIUM
CVE-2018-1000027
< 4.0.23
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnera
7.5
HIGH
CVE-2018-1000024
>= 3.0 and <= 3.5.27
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains an Incorrect Pointer Handling
7.5
HIGH
CVE-2016-10003
>= 3.5.0.1 and < 3.5.23
Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed
7.5
HIGH
CVE-2016-10002
all versions
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3
7.5
HIGH
CVE-2016-4556
all versions
Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of se
7.5
HIGH
CVE-2016-4555
all versions
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash)
7.5
HIGH
CVE-2016-4554
<= 3.5.17
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cac
8.6
HIGH
CVE-2016-4553
<= 3.5.17
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided
8.6
HIGH
CVE-2016-4054
all versions
Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge
8.1
HIGH
CVE-2016-4053
all versions
Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge
3.7
LOW
CVE-2016-4052
all versions
Multiple stack-based buffer overflows in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote HTTP servers to cause a denial
8.1
HIGH
CVE-2016-4051
all versions
Buffer overflow in cachemgr.cgi in Squid 2.x, 3.x before 3.5.17, and 4.x before 4.0.9 might allow remote attackers to cause a deni
8.8
HIGH
CVE-2016-2390
<= 3.5.13
The FwdState::connectedToPeer method in FwdState.cc in Squid before 3.5.14 and 4.0.x before 4.0.6 does not properly handle SSL han
5.9
MEDIUM
CVE-2016-3948
all versions
Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform bounds checking, which allows remote attackers to cause a denial o
7.5
HIGH
CVE-2016-3947
<= 3.5.15
Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x befor
8.2
HIGH
CVE-2016-2572
all versions
http.cc in Squid 4.x before 4.0.7 relies on the HTTP status code after a response-parsing failure, which allows remote HTTP server
7.5
HIGH
CVE-2016-2571
all versions
http.cc in Squid 3.x before 3.5.15 and 4.x before 4.0.7 proceeds with the storage of certain data after a response-parsing failure
7.5
HIGH
CVE-2016-2570
all versions
The Edge Side Includes (ESI) parser in Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not check buffer limits during XML parsin
7.5
HIGH
CVE-2016-2569
all versions
Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause
7.5
HIGH
CVE-2014-9749
all versions
Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest authentication is used, allow remote authenticated users to reta
CVE-2015-5400
<= 3.5.2
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote att
CVE-2015-3455
all versions
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL
CVE-2015-0881
<= 3.1.0.18
CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP respo
CVE-2014-7142
all versions
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash)
CVE-2014-7141
all versions
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-
CVE-2014-6270
all versions
Off-by-one error in the snmpHandleUdp function in snmp_core.cc in Squid 2.x and 3.x, when an SNMP port is configured, allows remot
CVE-2014-3609
all versions
HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via
CVE-2014-0128
all versions
Squid 3.1 before 3.3.12 and 3.4 before 3.4.4, when SSL-Bump is enabled, allows remote attackers to cause a denial of service (asse
CVE-2013-1839
all versions
The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to c
CVE-2013-4123
all versions
client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service vi
CVE-2013-4115
all versions
Buffer overflow in the idnsALookup function in dns_internal.cc in Squid 3.2 through 3.2.11 and 3.3 through 3.3.6 allows remote att
CVE-2013-0189
all versions
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of se
CVE-2012-5643
all versions
Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x befor
CVE-2012-2213
all versions
Squid 3.1.9 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed ho
CVE-2011-4096
<= 3.1.15
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial o
CVE-2011-3205
all versions
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before
CVE-2010-2951
all versions
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query,
CVE-2010-3072
all versions
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a
CVE-2010-0639
all versions
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before
CVE-2010-0308
all versions
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of servic
CVE-2009-2855
all versions
The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a craft
CVE-2009-2622
all versions
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed request
CVE-2009-2621
all versions
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which
CVE-2009-0801
all versions
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows rem
CVE-2009-0478
all versions
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP
CVE-2008-1612
all versions
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unkn
CVE-2007-6239
all versions
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause
CVE-2007-1560
all versions
The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denia
CVE-2007-0248
all versions
The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing
CVE-2007-0247
all versions
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP dir
CVE-2005-3322
all versions
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).
CVE-2005-3258
all versions
The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service
CVE-2005-2917
<= 2.5.stable10
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which al
CVE-2005-2796
all versions
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (s
CVE-2005-2794
all versions
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted request
CVE-2005-1711
all versions
Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory fo
CVE-2005-1519
<= 2.5_stable9
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows rem
CVE-2005-1345
all versions
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configu
CVE-2005-0446
all versions
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1)
CVE-2005-0241
all versions
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is
CVE-2005-0211
all versions
Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execut
CVE-2005-0194
all versions
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without def
CVE-2005-0173
all versions
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) vi
CVE-2005-0718
all versions
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection
CVE-2005-0626
all versions
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in cac
CVE-2005-0175
all versions
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
CVE-2005-0174
all versions
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow
CVE-2004-0918
all versions
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to
CVE-2005-0096
all versions
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of servic
CVE-2005-0095
all versions
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via ma
CVE-2005-0094
all versions
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious
CVE-2005-0097
all versions
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed N
CVE-2004-2654
all versions
The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denia
CVE-2004-0832
<= 2.5.6
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow re
CVE-2004-0189
all versions
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a
CVE-2002-2414
all versions
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (
CVE-2002-0715
<= 2.4.stable6
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the use
CVE-2002-0714
<= 2.4.stable6
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which
CVE-2002-0713
<= 2.4.stable6
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbi
CVE-2002-0163
<= 2.4_9
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote at
CVE-2002-0069
<= 2.4_stable_2
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
CVE-2002-0068
<= 2.4_stable_3
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code
CVE-2002-0067
<= 2.4_stable_2
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allo
CVE-2001-0843
<= 2.4
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
CVE-2001-1030
all versions
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_ac
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin